Digital / Security / Tradecraft (11/22) — Dr. Hill’s Warning

After she accepted an offer to join President Trump’s National Security Council, Dr. Fiona Hill, found herself the putative victim of campaign of digital harassment to defame, degrade and doxxed her and her family. The political vector attached to this function came from the network of pro-Trump media agitators. Hill was a “mole.” She was part of the Deep State. She would sabotage the President because she had worked for other presidents. Testifying earlier this month,

Hill said that:

“My entire first year of my tenure at the National Security Council was filled with hateful calls, conspiracy theories, which has started again, frankly, as it’s been announced that I’ve been giving this deposition, accusing me of being a Soros mole in the White House, of colluding with all kinds of enemies of the president, and of various improprieties.”

It continued, she said yesterday, and she and her lawyer worked with Twitter to take down posts pointing out her address and personal phone numbers. Pointedly, Hill warned that this sort of thing is happening to everyone — including, she said, “the press,” when reporters speak a truth that somehow dents the armor surrounding the polarized channels of communication we use to get our information.

This is one reason why digital security and press tradecraft, to me, are national security equities, especially when threatened by foreign actors, or by domestic agitators intent on creating chaos (for its own sake) or curtailing the public’s right to know.

This story is getting traction on the right — Gay radio host’s lawyer no longer representing him after damning new evidence comes to light — but I want to look at the digital security tradecraft that seems to have gotten the guy caught. First, he used non-secure searches to look up how Twitter identified where users logged in from; he also co-located the device he used to perpetuate what seems to be the hoax with his own personal device; he then tried to cover up his digital tracks by creating more. “According to [police] documents, the tweet was sent from a T-Mobile IP address, a unique number identifying a device’s connection to the internet, that was associated with previous times when Dunlap’s phone was used to access WWL’s Twitter account. The firm also found evidence that one iPhone in particular, identified by a unique number assigned to the device by Apple during the manufacturing process, was associated with Dunlap’s account on the company’s email server. That account was accessed from a single device having the same IP address as the one used to send the derogatory tweet.” For people who want to use burner devices for legitimate news-gathering purposes, be very careful where you activate them and where you use them.

DHS is being sued for allegedly tracking journalists covering border protests. Your rights at the border are at their zenith. There is a lot to know about what not to do, and I will use later newsletters to give some advice about how to make sure this doesn’t happen to you.

Data breach of the day: 2.2 million users of a web cryptocurrency site and an online gaming site have had their credentials dumped into the marketplace for hackers and attackers.

DuckDuckGo’s mobile browser, enhanced with an upgrade, will now automatically direct your queries to encrypted versions of websites. This complements efforts by other browsers to help users automatically opt-in (opt-in by default?) to better security practices.